def can_execute_global_workflow(tenant): execute_global_roles = \ config.instance.authorization_permissions['execute_global_workflow'] return ( current_user.id == constants.BOOTSTRAP_ADMIN_ID or current_user.has_role_in(tenant, execute_global_roles) )
def is_administrator(tenant): administrators_roles = \ config.instance.authorization_permissions['administrators'] return ( current_user.id == constants.BOOTSTRAP_ADMIN_ID or current_user.has_role_in(tenant, administrators_roles) )
def is_create_global_permitted(tenant): create_global_roles = \ config.instance.authorization_permissions['create_global_resource'] return ( current_user.id == constants.BOOTSTRAP_ADMIN_ID or current_user.has_role_in(tenant, create_global_roles) )
def tenant_specific_authorization(tenant, resource_name, action='list'): """ Return true if the user is permitted to perform a certain action in a in a given tenant on a given resource (for filtering purpose). """ resource_name = constants.MODELS_TO_PERMISSIONS.get(resource_name, resource_name.lower()) permission_name = '{0}_{1}'.format(resource_name, action) return current_user.has_role_in( tenant, config.instance.authorization_permissions[permission_name])
def tenant_specific_authorization(tenant, resource_name, action='list'): """ Return true if the user is permitted to perform a certain action in a in a given tenant on a given resource (for filtering purpose). """ resource_name = MODELS_TO_PERMISSIONS.get(resource_name, resource_name.lower()) permission_name = '{0}_{1}'.format(resource_name, action) return current_user.has_role_in( tenant, config.instance.authorization_permissions[permission_name])